CVE-2015-8980
published 2019-11-04

CVE-2015-8980: The plural form formula in ngettext family of calls in php-gettext before 1.0.12 allows remote attackers to execute arbitrary code.

Priority: P260 | critical | 9.8 (CVSS 3.1)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS: 6.71% (93.1th percentile)

Affected

14 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | php-gettext | < php-gettext 1.0.12-0.1 (bookworm) | php-gettext 1.0.12-0.1 (bookworm) |
| debian | phpmyadmin | < php-gettext 1.0.12-0.1 (bookworm) | php-gettext 1.0.12-0.1 (bookworm) |
| fedoraproject | fedora | | |
| opensuse | leap | | |
| opensuse | leap | | |
| php-gettext_project | php-gettext | < 1.0.12 | 1.0.12 |
| php-gettext_project | php-gettext | | |
| php-gettext_project | php-gettext | >= 0 < 1.0.12-0.1 | 1.0.12-0.1 |
| php-gettext_project | php-gettext | >= 0 < 1.0.12-0.1 | 1.0.12-0.1 |
| phpmyadmin | phpmyadmin | >= 0 < 4:4.6.6-1 | 4:4.6.6-1 |
| phpmyadmin | phpmyadmin | >= 0 < 4:4.6.6-1 | 4:4.6.6-1 |
| phpmyadmin | phpmyadmin | >= 0 < 4:4.6.6-1 | 4:4.6.6-1 |
| phpmyadmin | phpmyadmin | >= 0 < 4:4.6.6-1 | 4:4.6.6-1 |
| redhat | enterprise_linux | | |

Detection & IOCs (extracted from sources)

  • The vulnerability is triggered when an unsanitized user-supplied numeric value is passed as the count parameter to the ngettext family of calls (ngettext, npgettext, select_string), allowing arbitrary code execution via the plural form formula evaluation.
  • Monitor for exploitation attempts targeting the select_string, ngettext, and npgettext functions in php-gettext versions before 1.0.12.
  • The vulnerability only affects php-gettext (php-php-gettext) versions prior to 1.0.12; version 1.0.12 resolves the issue across all tracked distributions (Fedora, EPEL, Debian).

CVSS provenance

nvd (v3.1): 9.8 CRITICAL, CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvd (v2.0): 7.5 HIGH, AV:N/AC:L/Au:N/C:P/I:P/A:P
osv: 9.8 CRITICAL
vendor_debian: 9.8 CRITICAL